Hallmark cards scam warning

[Azagoth]

Just checked my Googlemail and found that I'd apparently I'd recieved a Hallmark E-Card from someone. Check out the status bar at the bottom though when I hover the mouse over the link to "see the sard"!

I don't know if it's a genuine thing or, probably the more likely outcome, a virus of some description. Just make sure that any of your family and friends who aren't that tech savvy not to click on this.

 

[coolpunkskater]

thats one of the best looking spam's ive seen its only the url at the bottom that gives it away

 

[Maccy]

Thanks for the heads up - def one to watch out for.

 

[36:)]

thats one of the best looking spam's ive seen its only the url at the bottom that gives it away

That and not being able to spell received?

 

[Timdog]

That and not being able to spell received?

lol how did they manage to spell it wrong when hey got it right at the top

n00bs

 

[James07]

Not bad, looks pretty genuine.

Usually it tells you which email its come from, but as it dosnt id spam it, get rid completely.

 

[clv101]

That and not being able to spell received?

It's a good job almost all crooked people are incredibly thick... otherwise we might really have something to worry about.

 

[grez]

http://hallmark.custhelp.com/cgi-bin/hallmark.cfg/php/enduser/std_adp.php?p_faqid=2189&p_created=1183997011&p_sid=tImXbHWi&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0yNzYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_li=&p_topview=1

 

[tom_e]

That and not being able to spell received?

only problem there being 1. I cant spell anyway and 2. I skim read them so id just read it as the correct word anyway

 

[mattyrigby00]

and because the address is hallmark.mooo.com, itll be "mooo.com" the link is actually to

 

[HAz]

So many noobs are going to get owned by this

 

[Surfer]

problem is do you have any on your friends list? it only takes one

 

[whitecrook]

even if this was genuine, it's still go straight into my trash. Who bothers with this crap?

 

[Psypher5]

isn't @hallmark.com legit though? Obviously the attached ecard does look virusy form the name, but the email sender looks legit? :/

 

[GarethDW]

It's trivial to spoof a sender's email address because there was never any validation built-in to verify that who you say you are is actually who you are... i.e. I can easily spoof a mail to look like it was sent by [email protected] but the mail wouldn't have originated from labour.gov.uk and isn't verified at any stage along the process. All it takes is an open relay and you can impersonate anyone you want to.

 

[GarethDW]

ps - downloading a virus-infected exe wouldn't bother me in the slightest.

Yay for Linux

 

[Redrum]

It's trivial to spoof a sender's email address because there was never any validation built-in to verify that who you say you are is actually who you are

Although such a check has since been added. Its called SPF checking, but it requires that both the domain being spoofed and the mail server that receives the email is using it. In this case, Hallmark.com do have SPF records set up but it appears google have not checked them.

All it takes is an open relay and you can impersonate anyone you want to.

An open relay or just some software to send it directly, which is included in every Linux distribution and on some of the server versions of Windows, and can be added to any Windows PC.

What a lot of people probably don't realise is that this sort of email is usually sent from a normal home user's PC without them even knowing, because someone will infect them and then use them to send spam out.

Theres probably even someone reading this thread that is sending out hundreds of spams as we speak.

 

[RobH]

And this is why some ISP's now block or intercept outgoing traffic on port 25 to try and prevent spammers or infected machines sending spam.

 

[Tefal]

ps - downloading a virus-infected exe wouldn't bother me in the slightest.

Yay for Linux

but can it run crysis

 

[V4NT0M]

mooo.com